Loading…
Johnie T Young
AI Expert
Johnie T Young is an AI expert and governance practitioner with deep experience helping fast-moving technology companies implement responsible AI practices at small-team scale. With a focus on practical, actionable frameworks, Johnie built AI Policy Desk to close the gap between enterprise-grade compliance tooling and the real-world needs of lean product teams. Before founding AI Policy Desk, Johnie worked across a range of technology companies advising on AI risk management, GDPR readiness, and EU AI Act compliance. With the rapid emergence of AI regulation globally, Johnie identified a clear need: governance resources written for 10-person teams, not Fortune 500 legal departments — practical templates, checklists, and guides that teams can pick up and use today.
- AI governance practitioner
- EU AI Act and GDPR specialist
- AI risk management expert
- Compliance frameworks for small teams
EU AI Act complianceAI governance frameworksGDPRRisk assessmentShadow AI managementVendor evaluationAI incident responseModel risk management
219 articles by Johnie T Young
Governance·15 min
Read →The Denominator Problem in AI Governance
Denominator problem in AI governance: practical overview for small teams — policy baseline, risk controls, weekly review loop. Includes copy-paste checklis
templateschecklistsworkflows
Governance·9 min
Read →AI Governance for Healthcare Startups: HIPAA, HITECH, and the EU AI Act
ChatGPT.com is not HIPAA compliant by default. Healthcare startups need a BAA, a PHI data boundary, and an EU AI Act plan for diagnostic tools.
hipaahealthcareeu-ai-actcompliance
Governance·8 min
Read →How to Add AI Tools to Your SOC 2 Program
SOC 2 auditors now ask about ChatGPT, Copilot, and Claude. Which Trust Service Criteria AI affects, what evidence you need, and how to scope AI tools.
soc2complianceai-securityvendor-risk
Governance·7 min
Read →Notion AI vs Microsoft 365 Copilot: Compliance for Small Teams
Notion AI and Microsoft 365 Copilot handle data retention, training opt-out, and EU residency differently. Governance comparison for small teams in 2026.
vendor-riskai-toolsgdprgovernance
Governance·8 min
Read →Understanding the Denominator Problem in AI Governance
The Denominator Problem hampers AI governance by obscuring incident rates, making risk measurement and compliance decisions unclear for small teams.
Denominator ProblemAI governancerisk measurementincident reporting
Governance·10 min
Read →Best AI Tools for Small Teams: Compliance and Governance Ratings (2026)
ChatGPT, Claude, Copilot, Notion AI, and Grammarly rated on GDPR posture, DPA availability, SOC 2, and audit logs. Safest AI tools for regulated small teams.
vendor-riskai-securitygovernancegdpr
Governance·16 min
Read →ChatGPT Team vs Enterprise: DPA Terms, GDPR Data Processing, and Audit Logs Compared (2026)
ChatGPT Team vs Enterprise DPA comparison 2026: data processing addendum terms, GDPR compliance, SOC 2. Neither includes a HIPAA BAA. Enterprise adds custom data retention, SCIM provisioning, and full audit logs. Quick-decision table covering 9 compliance dimensions.
chatgptopenaivendor-riskcompliance
Governance·8 min
Read →Claude vs ChatGPT for Compliance Teams: 2026 Governance Comparison
Claude and ChatGPT differ on GDPR posture, DPA availability, and data retention. Side-by-side governance comparison for small teams in 2026.
vendor-riskai-securitygovernancegdpr
Governance·7 min
Read →GitHub Copilot vs Cursor for Regulated Teams: Security and Compliance Comparison
GitHub Copilot and Cursor differ on telemetry, code transmission, audit logs, and enterprise controls. Comparison for engineering teams at regulated firms.
vendor-riskai-securitygovernancedeveloper-tools
Governance·10 min
Read →Microsoft 365 Copilot vs Google Workspace AI: Compliance Comparison for Small Teams
Microsoft 365 Copilot and Google Workspace AI differ on DPA terms, EU residency, and audit logs. Compliance comparison for small teams in 2026.
vendor-riskmicrosoft-copilotgoogle-workspacegdpr
Governance·13 min
Read →OpenAI releases GPT-5.5, bringing company one step closer to an AI ‘super app’
Agentic model governance: practical overview for small teams — policy baseline, risk controls, and weekly review loop for GPT-5.5 AI safety risks. Includes
templateschecklistsworkflows
Governance·12 min
Read →Palantir Deal Raises police AI surveillance Debate in London
The Met’s pending Palantir partnership ignites a police AI surveillance controversy, prompting small teams to assess risk, bias, and compliance frameworks.
AI surveillancelaw enforcementPalantirMetropolitan Police